EXPERIENCE WITH:

Security Event Detection, Triage, Analysis, and Response
Investigative Process
Remediation Techniques
Documenting Findings
Log Analysis
Network Traffic Analysis
Email Analysis

EXPERIENCE WITH SIEM PLATFORMS IS PREFERRED, SUCH AS:

Devo, Elastic, Splunk ES, QRadar, Azure Sentinel, AlienVault, NetWitness, ArcSight, McAfee ESM

EXPERIENCE WITH ENDPOINT PROTECTION PLATFORMS IS PREFERRED, SUCH AS:

SentinelOne, CrowdStrike Falcon, Tanium, Endgame, MDE/MS Defender, Symantec, Endpoint Protection, Cybereason, McAfee ePO

EXPERIENCE WITH SOAR PLATFORMS IS PREFERRED, SUCH AS:

Cortex XSOAR, Siemplify, Splunk Phantom, IBM Resilient, Swimlane
Experience with other security monitoring or data collection platforms is preferred, such as: MISP, Proofpoint, Gigamon ThreatINSIGHT (or other IDS/IPS tools), Sandbox platforms (Joe Sandbox, VMRay, Hatching, etc.), Ticketing Systems (ServiceNow, Archer, etc.)

In the L2 SOC Analyst role you’ll be entrusted to deliver managed security services to some of the most recognized brands in the world, protecting them from threats that actually matter to their business…24x7x365. The L1/L2 SOC Analyst will be working alongside a talented group of cybersecurity Analysts.
Bachelor’s Degree or higher preferred but not required
Experience: 2+ Years in a 24x7 security operations environment, previous L1/L2 Analyst type role
Certifications: Security industry specific certifications are a plus (SEC+, CEH, GCIH, GCFA, OSCP etc.)